I ran avast! memory test and it says memory is infected. The file byyxvv.dll contains sample of Win32:Malware-gen. I tried moving it to the chest, repair, and deleting. Nothing worked.
I ran malwarebyte’s antispyware, but still the same.
Also, now I’m getting a message popup in windows after it starts, it says something like “byyxvv denied” something about not loading.
Um, before I do another bootscan. The file won’t repair. Should I move it to the chest? I’m a little worried about moving things from the windows folder because it seems like windows needs those files to operate.
The file location is “c:\windows\system32\byyxvv.dll”
There really is no way I would even contemplate a repair as the file is undoubtedly malware, based on if nothing else the randomly generated file name a common tactic so you find little information on it and the fact it is in the system32 folder, when you would expect to find genuine files. In this case the few hits on google all relate to malware. This is not a windows system file, but yet another tactic to try and persuade them that it is an important system file.
What errors are you getting when trying to move it to the chest ?
Or is it coming back after removing it to the chest ?
On the boot-time scan send it to the chest, you might well get a windows error as there may still be a registry entry trying to run this file but it is no longer there.
I ran avast! thorough scan and it didn’t find anything. But windows still brings up that byyxvv.dll denied popup after it starts. Any way to make this go away?
It is likely as I mentioned before a registry entry remaining after the file is moved, so if MBAM or CCleaner doesn’t find and remove this redundant registry entry try this tool.
Download and run HJT and post the contents of the log file (cut and paste or attach the log file) into this topic, you may need to split it over two or more posts depending on how large it is.